public async Task <JsonResult> SignUpUser(OAuth2UserIdentity userIdentity)
{
ServiceResponse response = default(ServiceResponse);
using (Session session = ApplicationModel.Current.CreateSession(new SecurityToken(this.HttpContext.Request.Url.Host, this.HttpContext.User.Identity.Name)))
{
try
{
IDataPortal portal = DependencyInjection.Get <IDataPortal>();
OAuth2UserIdentity value = portal.SignUpUser(userIdentity);
// Set the status on HTTP and response level.
if (value == null)
{
HttpContext.Response.StatusCode = (int)HttpStatusCode.NotFound;
}
ResponseStatus status = value == null ? ResponseStatus.NO_DATA : ResponseStatus.OK;
response = new ServiceDataResponse(RestVersion0100Controller.API_VERSION, status, value);
}
catch (Exception ex)
{
HttpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
response = new ServiceErrorResponse(RestVersion0100Controller.API_VERSION, ResponseStatus.ERROR, new ServiceError(ex));
}
}
return(this.Json(response));
}
/// <summary>
/// Determines whether a given set of resource owner credentials is valid based on the authorization server's user database
/// and if so records an authorization entry such that subsequent calls to <see cref="M:DotNetOpenAuth.OAuth2.IAuthorizationServerHost.IsAuthorizationValid(DotNetOpenAuth.OAuth2.ChannelElements.IAuthorizationDescription)" /> would
/// return <c>true</c>.
/// </summary>
/// <param name="userName">Username on the account.</param>
/// <param name="password">The user's password.</param>
/// <param name="accessRequest">The access request the credentials came with.
/// This may be useful if the authorization server wishes to apply some policy based on the client that is making the request.</param>
/// <returns>
/// A value that describes the result of the authorization check.
/// </returns>
public AutomatedUserAuthorizationCheckResponse CheckAuthorizeResourceOwnerCredentialGrant(string userName, string password, IAccessTokenRequest accessRequest)
{
IOAuth2AuthorizationStoreAgent agent = DependencyInjection.Get <IOAuth2AuthorizationStoreAgent>();
var user = agent.GetUser(userName, password);
// We use a fixed username and password to determine if the username/password combination is correct.
var userCredentialsAreCorrect = user != null;
// Add the user's scopes.
IList <OAuth2Scope> scopes = agent.GetUserScopes(userName);
scopes.Select(x => x.Code).ToList().ForEach(x =>
{
accessRequest.Scope.Add(x);
});
OAuth2UserIdentity userIdentity = agent.GetUserIdentity(userName);
var _userIdentity = userIdentity.ToDataTransferValue();
accessRequest.ExtraData.Add(new KeyValuePair <string, string>("userIdentity", JsonConvert.SerializeObject(_userIdentity)));
// The token request is approved when the user credentials are correct and the user is authorized for the requested scopes
var isApproved = userCredentialsAreCorrect && UserIsAuthorizedForRequestedScopes(userName, accessRequest.Scope);
return(new AutomatedUserAuthorizationCheckResponse(accessRequest, isApproved, userName));
}
public OAuth2UserIdentity GetUserIdentity(IEntityContext context, string identifier)
{
OAuth2UserIdentity entity = null;
using (IOAuth2UserIdentityRepository repository = DependencyInjection.Get<IOAuth2UserIdentityRepository>(InjectionParameter.Create("context", context)))
{
var subQuery =
QueryOver.Of<OAuth2User>()
.Where(x => x.Identifier == identifier)
// Just keep the USER.ID to use in the query.
.Select(t => t.ID);
var userIdentityQuery =
repository.Query()
.Fetch(x => x.User.UserScopes).Eager
.WithSubquery.WhereProperty(x => x.User.ID).In(subQuery)
.TransformUsing(Transformers.DistinctRootEntity)
.Future<OAuth2UserIdentity>();
OAuth2UserIdentity userIdentity = userIdentityQuery.SingleOrDefault();
if (userIdentity != null) entity = userIdentity;
}
return entity;
}
public OAuth2UserIdentity GetUserIdentity(string identifier)
{
OAuth2UserIdentity entity = null;
using (IEntityContext context = DependencyInjection.Get<IEntityContext>())
{
entity = this.GetUserIdentity(context, identifier);
context.Commit();
}
return entity;
}
/// <summary>
/// Sign up a new <see cref="OAuth2User"/> account.
/// </summary>
/// <param name="user">The <see cref="OAuth2User"/> data transfer object.</param>
/// <returns>The registered <see cref="OAuth2User"/> account.</returns>
public DataTransfer.OAuth2UserIdentity SignUpUser(OAuth2UserIdentity userIdentity)
{
DataTransfer.OAuth2UserIdentity value =
UnitOfWork.Execute <DataTransfer.OAuth2UserIdentity>(() =>
{
IOAuth2AuthorizationStoreAgent agent = DependencyInjection.Get <IOAuth2AuthorizationStoreAgent>();
Domain.Entity.OAuth2UserIdentity _userIdentity = userIdentity.ToEntity();
Domain.Entity.OAuth2UserIdentity entity = agent.SignUpUser(_userIdentity);
DataTransfer.OAuth2UserIdentity _value = entity.ToDataTransferValue();
return(_value);
});
return(value);
}
public OAuth2UserIdentity SignUpUser(OAuth2UserIdentity entity)
{
using (IEntityContext context = DependencyInjection.Get<IEntityContext>())
{
using (IOAuth2UserRepository repository = DependencyInjection.Get<IOAuth2UserRepository>(InjectionParameter.Create("context", context)))
{
IList<OAuth2Scope> scopes =
repository.Context.Query<OAuth2Scope>()
.Where(x => x.Code == "application.role.user.default")
.List();
bool isValidIdentifier = this.IsValidEmail(entity.User.Identifier);
if (isValidIdentifier)
{
OAuth2User user = new OAuth2User();
user.ID = Guid.NewGuid();
user.Identifier = entity.User.Identifier;
user.Password = entity.User.Password;
user.CreationTimestamp = DateTime.UtcNow;
user.ValidFrom = DateTime.UtcNow;
user.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc);
repository.Context.AddOrUpdate(user);
Identity identity = new Identity();
identity.ID = Guid.NewGuid();
identity.FirstName = entity.Identity.FirstName;
identity.Name = entity.Identity.Name;
identity.Locale = entity.Identity.Locale;
repository.Context.AddOrUpdate(identity);
OAuth2UserScope userScope = new OAuth2UserScope();
userScope.ID = Guid.NewGuid();
userScope.Scope = scopes.Single();
userScope.User = user;
userScope.CreationTimestamp = DateTime.UtcNow;
userScope.ValidFrom = DateTime.UtcNow;
userScope.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc);
repository.Context.AddOrUpdate(userScope);
OAuth2UserIdentity userIdentity = new OAuth2UserIdentity();
userIdentity.ID = Guid.NewGuid();
userIdentity.User = user;
userIdentity.Identity = identity;
userIdentity.CreationTimestamp = DateTime.UtcNow;
userIdentity.ValidFrom = DateTime.UtcNow;
userIdentity.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc);
repository.Context.AddOrUpdate(userIdentity);
}
else
{
throw new Exception("Invalid e-mail address.");
}
}
context.Commit();
}
Domain.Entity.OAuth2UserIdentity _entity = this.GetUserIdentity(entity.User.Identifier);
return _entity;
}
public OAuth2UserIdentity SignUpUser(OAuth2UserIdentity entity)
{
using (IEntityContext context = DependencyInjection.Get<IEntityContext>())
{
using (IOAuth2UserRepository repository = DependencyInjection.Get<IOAuth2UserRepository>(InjectionParameter.Create("context", context)))
{
IList<OAuth2Scope> scopes =
repository.Context.Query<OAuth2Scope>()
.Where(x => x.Code == "application.role.user.default")
.List();
bool isValidIdentifier = this.IsValidEmail(entity.User.Identifier);
if (isValidIdentifier)
{
OAuth2User user = new OAuth2User();
user.ID = Guid.NewGuid();
user.Identifier = entity.User.Identifier;
user.Password = entity.User.Password;
user.CreationTimestamp = DateTime.UtcNow;
user.ValidFrom = DateTime.UtcNow;
user.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc);
repository.Context.AddOrUpdate(user);
Identity identity = new Identity();
identity.ID = Guid.NewGuid();
identity.FirstName = entity.Identity.FirstName;
identity.Name = entity.Identity.Name;
identity.Locale = entity.Identity.Locale;
repository.Context.AddOrUpdate(identity);
OAuth2UserScope userScope = new OAuth2UserScope();
userScope.ID = Guid.NewGuid();
userScope.Scope = scopes.Single();
userScope.User = user;
userScope.CreationTimestamp = DateTime.UtcNow;
userScope.ValidFrom = DateTime.UtcNow;
userScope.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc);
repository.Context.AddOrUpdate(userScope);
OAuth2UserIdentity userIdentity = new OAuth2UserIdentity();
userIdentity.ID = Guid.NewGuid();
userIdentity.User = user;
userIdentity.Identity = identity;
userIdentity.CreationTimestamp = DateTime.UtcNow;
userIdentity.ValidFrom = DateTime.UtcNow;
userIdentity.ValidUntil = new DateTime(DateTime.Parse("2100-01-01").Ticks, DateTimeKind.Utc);
repository.Context.AddOrUpdate(userIdentity);
}
else
{
throw new Exception("Invalid e-mail address.");
}
}
context.Commit();
}
Domain.Entity.OAuth2UserIdentity _entity = this.GetUserIdentity(entity.User.Identifier);
return _entity;
}
